News:

SMF 2.0.19 has been released! Please update. Read more.

Main Menu

krisbarteo joined my forum, known hacker irc

Started by Xycose, May 15, 2009, 10:26:34 AM

Previous topic - Next topic

Xycose

krisbarteo joined my forum, no posts, if i understand correctly this is a known hacker. i banned him right away, i dont think there was any avatars in the folder, but there was a blank.gif that i dont remember being there so i deleted that as well, after reading a bit more i wish i saved that file to check it.

forum is running fine, what should i check to see if he's done anything?

Toefur

He joined mine as well, and now my site is hosed.  Having problems seeing it in IE8, Firefox, and chrome. Safari seems to work for some reason.

I noticed some code in the php files that I don't think was there before. Also checking the source on my home page shows a bunch of spam/links in the divider.

Would like to know how he did that so it can be prevented. I don't feel like trying to clean up everything so I'm about to just delete, re-install, and hope for the best.

shadow82x

Guys,

Be sure to take a look at this topic - http://www.simplemachines.org/community/index.php?topic=309717.0

There will be a patch in the near future addressing these security issues. :)
Colin B
Former Spammer, Customize, & Support Team Member

Toefur

BTW I guess I should have posted in the 1x forums. I came to 2.0 to see if this version was safe from the attack.  Reading the other threads on it now.  Thanks!

greyknight17

It's affecting both versions from what I understand. SMF will be releasing a patch for this as soon as possible.

glennk

Bugger got me as well. Says he lives in monaco. What a nugget.


ɔɔɔɔɔɔuɥoɾ

#7
Do is SMF2.0 RC1.2 safe from this "krisbarteo" or any other alias he may use?

Nevermind, the exploit was removed for SMF 2.0 RC1


SMF 2.0 RC5

   
Webhost to New Webhost file transfer service, PM me - Fast transfers

Advertisement: